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DETAILED ACTION 
Response to Arguments 

1 . Applicant argues, "Kempf does not disclose or suggest at least, 'wherein if the packet 
received from the first interface is a binding update packet encoded using the authentication key 
generated by the mobile node according to the authentication key generation token, the packet 
monitoring unit outputs the binding update packet to the controller, and the controller extracts 
binding information, including a home address of the mobile node and a foreign address of the 
mobile node provided in a foreign link area, from the binding update packet using the 
authentication key stored in the data storage area, and stores the extracted binding information in 
the data storage area,' as recited in amended claim 1." This argument is not persuasive because 
Kempf discloses that the mobile node uses the address based keys to establish a security 
association with the home agent, and when the mobile nodes transmits a binding update message, 
which signals a new care of address, to the home agent, the message is secured with the address 
based keys ([001 8]-[0021] & [0053] & [01 12]), which meets the limitation of wherein if the 
packet received from the first interface is a binding update packet encoded using the 
authentication key generated by the mobile node according to the authentication key generation 
token, the packet monitoring unit outputs the binding update packet to the controller, and the 
controller extracts binding information, including a home address of the mobile node and a 
foreign address of the mobile node provided in a foreign link area, from the binding update 
packet using the authentication key stored in the data storage unit, and stores the extracted 
binding information in the data storage unit. 



Application/Control Number: 10/705,947 Page 3 

Art Unit: 2132 

2. Applicant argues, "Although Kempf does disclose that a mobile node uses addressed 
based keys to establish a security association, nowhere does Kempf disclose or suggest that a 
binding update packet is encoded using an authentication key generated by a mobile node ." This 
argument is not persuasive because Kempf discloses the binding update messages are encrypted 
using the address based keys ([0018]-[0021]). These address based keys are generated based on 
the HOA address by the mobile nodes ([0021] & [0025] & [0068]). 

3. With respect to claims 4 and 9, Applicant argues, "nowhere do the applied reference 
disclose that a packet converter passes a packet without converting the sources, only if the 
binding information does not exist in the data structure." This argument is not persuasive 
because this limitation is inherently present in Kempf because Kempf does not specify that the 
home agent changes the source address in the message header of messages received from mobile 
nodes, it meets the limitation of the controller controls the packet converter, so that the packet 
converter passes the packet without converting the source address included in the packet, if the 
binding information does not exist in the data storage area since the home agent of Kempf never 
converts the source address. 

4. Applicant argues, "the claims satisfy 35 U.S.C. § 1 12, second paragraph. For example, if 
a claim recites that an element performs an operation when a particular condition exists, the 
claim does not also have to recite what a particular element does if the particular condition does 
not exist, for a claim to be considered definite." This argument is not persuasive because one of 
the requirements set forth in the second paragraph of 35 U.S.C. § 1 12 is that "the claims must 
particularly point out and distinctly define the metes and bounds of the subject matter that will be 
protected by the patent granted." See MPEP 2171. "Although an essential purpose of the 
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examination process is to determine whether or not the claims define an invention that is both 
novel and nonobvious over the prior art, another esstential purpose of patent examination is to 
determine whether or not the claims are precise, clear, correct, and unambiguous. The 
uncertainties of claim scope should be removed, as much as possible, during the examination 
process." See MPEP 2171. In this case the claims are ambiguous because the scope of the claims 
is unclear when the if conditions are not satisfied. Such ambiguity represents uncertainty of 
claim scope and is required by 35 U.S.C. § 1 12, second paragraph, to be corrected. 

Claim Rejections - 35 USC § 112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 112: • 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

6. Claims 1, 3-5, 6, 8-1 1 are rejected under 35 U.S.C. 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

7. Claim 1 recites, "a packet monitoring unit, which outputs an authentication request 
packet requiring authentication of the mobile node if the packet transmitted from the first 
interface is the authentication request packet," and "if the packet received from the first interface 
is a binding update packet encoded using the authentication key generated by the mobile node 
according to the authentication key generation token the packet monitoring unit outputs the 
binding update packet to the controller," which renders the claim indefinite because the claim 
limitations do not define what the packet monitoring unit does if the packet transmitted from the 
first interface is not an authentication request packet or a binding update packet. 
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8. Claim 3 recites, "the controller controls the packet converter, so that the packet converter 
converts the source address of the packet into the home address of the mobile node and outputs 
the converted address, if the binding information exists in the data storage unit," which renders 
the claim indefinite because the claim limitations do not define what the packet converter does if 
no binding information exists in the data storage unit. The limitations of claim 4 remedy the 
above mentioned indefiniteness. 

9. Claim 5 recites, "the controller controls the packet converter, so that the packet converter 
converts the destination address of the packet into a foreign address of the mobile node, if the 
destination address is the home address of the mobile node and the home address is bound with 
the foreign address of the mobile node," which renders the claim indefinite because the claim 
limitations do not define what the packet converter does if the home address of the mobile node 
is not bound with the foreign address of the mobile node. 

10. Claim 6 recites, "if the packet transmitted from the mobile node is the authentication 
request packet requiring authentication of the mobile node," which renders the claims indefinite 
because the claim limitations do not define what the packet monitoring unit does if the packet 
transmitted from the first interface is not an authentication request packet. 

1 1 . Claim 8 recites, "if the same binding information as the binding information included in 
the packet transmitted by the mobile node exists in the stored binding information," which 
renders the claim indefinite because the claim limitations do not define what the packet converter 
does if no binding information exists in the data storage unit. The limitations of claim 9 remedy 
the above mentioned indefiniteness. 
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12. Claim 1 1 recites, "if the packet transmitted from the mobile node is the authentication 
request packet requiring authentication of the mobile node," which renders the claims indefinite 
because the claim limitations do not define what the packet monitoring unit does if the packet 
transmitted from the first interface is not an authentication request packet. 

13. Claims not specified are rejected because of their dependence on the above mentioned 
claims. 

Claim Rejections - 35 USC § 102 

14. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

15. Claims 1, 6, 1 1 are rejected under 35 U.S.C. 102(e) as being anticipated by Kempf, U.S. 
Publication No. 2003/021 1842. Referring to claims 1,6, 11, Kempf discloses securing binding 
updates using address based keys wherein routers functioning as home agents for a mobile node, 
interface with mobile nodes and correspondent nodes to a core network ([0017]), which meets 
the limitation of a router for transmitting a packet between a mobile node and correspondent 
nodes. The binding updates are sent when the mobile node detects that it has moved outside its 
home network ([0018] & [0023]), which meets the limitation of a foreign link area. The home 
agent can assign the home address (HoA) and send the home address (Ho A) to the mobile node 
([0023]), which meets the limitation of a data storage unit, which stores data for generating an 
authentication key generation token. The home agents transmits messages using the destination 
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address contained in the message header ([01 12] & Figure 1), which meets the limitation of a 
first interface, which receives and transmits a packet to a destination address stored in a header 
of the packet. The mobile node sends a request to the home agent for parameters to establish a 
security association with the home agent (Figure 2, 200 & [0054]-[0055] & [0067] & [0107]- 
[0108]), which meets the limitation of a packet monitoring unit, which outputs an authentication 
request packet requiring authentication of the mobile node if the packet transmitted from the first 
interface is the authentication request packet. The home agent can assign the home address 
(HoA) and send the home address (HoA) to the mobile node ([0023]), which meets the limitation 
of a controller, which receives a packet from the packet monitoring unit, generates an 
authentication key generation token with reference to the data for generating an authentication 
key generation token stored in the data storage unit, the first interface receives and transmits the 
authentication key generation token to the mobile node. The home address (HoA) is used by the 
home agent and the mobile node to generate the address based keys of the mobile node ([0025] 
& [0029]) & [0067]), which meets the limitation of generates an authentication key using the 
authentication key generation token, stores the authentication key generation token and the 
authentication key in the data storage unit, and outputs the authentication key generation token to 
the first interface. The mobile node uses the address based keys to establish a security association 
with the home agent, and when the mobile nodes transmits a binding update message, which 
signals a new care of address, to the home agent, the message is secured with the address based 
keys ([0018]-[0021] & [0053] & [01 12]), which meets the limitation of wherein if the packet 
received from the first interface is a binding update packet encoded using the authentication key 
generated by the mobile node according to the authentication key generation token, the packet 
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monitoring unit outputs the binding update packet to the controller, and the controller extracts 
binding information, including a home address of the mobile node and a foreign address of the 
mobile node provided in a foreign link area, from the binding update packet using the 
authentication key stored in the data storage unit, and stores the extracted binding information in 
the data storage unit. 

Claim Rejections - 35 USC § 103 

16. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

17. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

18. Claims 3-5, 8-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over Kempf, 
U.S. Publication No. 2003/021 1842, in view of Chen, U.S. Patent No. 6,829,483. Referring to 
claims 3, 8, Kempf discloses securing binding updates using address based keys wherein routers 
functioning as home agents for a mobile node, interface with mobile nodes and correspondent 
nodes to a core network ([0017]). The binding updates are sent when the mobile node detects 
that it has moved outside its home network ([0018] & [0023]). Kempf does not disclose that the 
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home agent removes the care-of address in the packet header of a message transmitted from a 
mobile node and replaces the address with the home address. Chen discloses that the home agent 
receives a message from a mobile node in a foreign network that includes the care-of address for 
the mobile node in source field of the message header (Col. 4, lines 24-32). Once received the 
home agent replaces the care-of address with the home address for the mobile node in the source 
field of the message header (Col. 4, lines 33-38), which meets the limitation of a packet 
converter, which receives a packet output from the packet monitoring unit, and converts a source 
address of the packet from the foreign address of the mobile node to the home address of the 
mobile node and outputs the converted address, according to a control given by the controller, 
the packet monitoring unit searches for the header of the packet received from the first interface, 
extracts and outputs binding information included in the packet header to the controller, and 
outputs the packet to the packet converter, the controller controls the packet converter, so that the 
packet converter converts the source address of the packet into the home address of the mobile 
node and outputs the converted address, if the binding information exists in the data storage unit. 
The home agent then transmits the re-addressed message to the correspondent node associated 
with the address in the destination field of the message header (Col. 4, lines 35-43), which meets 
the limitation of a second interface, which receives the packet output from the packet converter, 
and transmits the packet to a correspondent node, according to an address of the correspondent 
node stored in the header of the packet. It would have been obvious to one of ordinary skill in the 
art at the time the invention was made for the home agent of Kempf to convert the care-of 
address in header of messages received from a mobile node in a foreign network, to the home 
address of the mobile node, in order to prevent a firewall or egress filtering procedure from 



Application/Control Number: 10/705,947 Page 10 

Art Unit: 2132 

rejecting the message because the source address is different from the home address as taught by 
Chen (Col. 2, lines 1-4). 

Referring to claims 4, 9, because Kempf does not specify that the home agent changes the 
source address in the message header of messages received from mobile nodes, it meets the 
limitation of the controller controls the packet converter, so that the packet converter passes the 
packet without converting the source address included in the packet, only if the binding 
information does not exist in the data storage area since the home agent of Kempf never converts 
the source address. 

Referring to claims 5, 10, Kempf discloses securing binding updates using address based 
keys wherein routers functioning as home agents for a mobile node, interface with mobile nodes 
and correspondent nodes to a core network ([0017]). The binding updates are sent when the 
mobile node detects that it has moved outside its home network ([0018] & [0023]). Kempf does 
not disclose that the home agent removes the home address in the destination address field of 
messages destined for the mobile node, and replaces the home address with the care-of address. 
Chen discloses that the home agent receives all messages destined for the mobile node and 
replaces the home address of the mobile node, in the destination field of the message header, 
with the care-of address of the mobile node (Col. 3, lines 25-32 & Col. 4, lines 13-21), which 
meets the limitation of the packet monitoring unit outputs the destination address stored in the 
header of the packet received through the second interface, to the controller, and outputs a packet 
received from the packet converter, the controller controls the packet converter, so that the 
packet converter converts the destination address of the packet into a foreign address of the 
mobile node, if the destination address is the home address of the mobile node and the home 
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address is bound with the foreign address of the mobile node, the packet converter converts the 
destination address stored in the header of the packet transmitted by the correspondent node into 
the foreign address of the mobile node, according to a control given by the controller. The re- 
addressed message is then output by the home agent (Col. 3, lines 31-32), which meets the 
limitation of outputs the converted packet to the first interface. 

Conclusion 

19. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

20. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin E. Lanier whose telephone number is 571-272-3805. 
The examiner can normally be reached on M-Th 6:00am-4:30pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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